<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width,initial-scale=1.0">
<!--  <link rel="icon" href="<%= BASE_URL %>favicon.ico">-->
  <title>XRay Report</title>
  <script>
    var webVulns = [];
    var serviceVulns = [];
    var subdomains = [];
  </script>
</head>
<body>
<noscript>
  <strong>We're sorry but this page doesn't work properly without JavaScript enabled.
    Please enable it to continue.</strong>
</noscript>
<div id="app"></div>
<!-- built files will be auto injected -->
</body>
</html>

<!-- preserve three vuln record for dev and debug, all the comment will be removed when building the dist-->
<!--<script>version="0.1.0";gitHash="__unknown__";</script>-->
<!--<script class='web-vulns'>webVulns.push({"create_time":1604404309087,"detail":{"addr":"http://pentester-web.vulnet:9000/xss/example1.php?name=hacker","payload":"\u003csCrIpT\u003ealert(1)\u003c/sCrIpT\u003e","snapshot":[["GET /xss/example1.php?name=%3CScRiPt%3Etkstecbbex%3C%2FsCrIpT%3E HTTP/1.1\r\nHost: pentester-web.vulnet:9000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0\r\nAccept: */*\r\nReferer: http://pentester-web.vulnet:9000/\r\nAccept-Encoding: gzip\r\n\r\n","HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Tue, 03 Nov 2020 19:53:38 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.6.39\r\nX-Xss-Protection: 0\r\n\r\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n  \u003chead\u003e\n    \u003cmeta charset=\"utf-8\"\u003e\n    \u003ctitle\u003ePentesterLab \u0026raquo; Web for Pentester\u003c/title\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"\u003e\n    \u003cmeta name=\"description\" content=\"Web For Pentester\"\u003e\n    \u003cmeta name=\"author\" content=\"Louis Nyffenegger (louis@pentesterlab.com)\"\u003e\n\n    \u003c!&#45;&#45; Le styles &#45;&#45;\u003e\n    \u003clink href=\"/css/bootstrap.css\" rel=\"stylesheet\"\u003e\n\n    \u003cstyle type=\"text/css\"\u003e\n      body {\n        padding-top: 60px;\n        padding-bottom: 40px;\n      }\n    \u003c/style\u003e\n    \u003clink href=\"/css/bootstrap-responsive.css\" rel=\"stylesheet\"\u003e\n\n  \u003c/head\u003e\n\n  \u003cbody\u003e\n\n    \u003cdiv class=\"navbar navbar-inverse navbar-fixed-top\"\u003e\n      \u003cdiv class=\"navbar-inner\"\u003e\n        \u003cdiv class=\"container\"\u003e\n          \u003ca class=\"btn btn-navbar\" data-toggle=\"collapse\" data-target=\".nav-collapse\"\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n          \u003c/a\u003e\n          \u003ca class=\"brand\" href=\"#\"\u003exray Tester\u003c/a\u003e\n          \u003cdiv class=\"nav-collapse collapse\"\u003e\n            \u003cul class=\"nav\"\u003e\n              \u003cli class=\"active\"\u003e\u003ca href=\"/\"\u003eHome\u003c/a\u003e\u003c/li\u003e\n            \u003c/ul\u003e\n          \u003c/div\u003e\u003c!&#45;&#45;/.nav-collapse &#45;&#45;\u003e\n        \u003c/div\u003e\n      \u003c/div\u003e\n    \u003c/div\u003e\n\n    \u003cdiv class=\"container\"\u003e\n\n\n\n\u003chtml\u003e\nHello \n\u003cScRiPt\u003etkstecbbex\u003c/sCrIpT\u003e\n      \u003cfooter\u003e\n        \u003cp\u003e\u0026copy; PentesterLab 2013\u003c/p\u003e\n      \u003c/footer\u003e\n\n    \u003c/div\u003e \u003c!&#45;&#45; /container &#45;&#45;\u003e\n\n\n  \u003c/body\u003e\n\u003c/html\u003e\n\n\n\n"]],"extra":{"param":{"key":"name","position":"query","value":"wranntsvmtwncuaywhbt"}}},"plugin":"xss/reflected/default","target":{"url":"http://pentester-web.vulnet:9000/xss/example1.php","params":[{"position":"query","path":["name"]}]}})</script>-->
<!--<script class='web-vulns'>webVulns.push({"create_time":1604576805189,"detail":{"addr":"http://pentester-web.vulnet:9000/sqli/example1.php?name=root","payload":"root'and'b'='z","snapshot":[["GET /sqli/example1.php?name=root%27and%27g%27%3D%27g HTTP/1.1\r\nHost: pentester-web.vulnet:9000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0\r\nAccept: */*\r\nReferer: http://pentester-web.vulnet:9000/\r\nAccept-Encoding: gzip\r\n\r\n","HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Thu, 05 Nov 2020 19:48:35 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.6.39\r\nX-Xss-Protection: 0\r\n\r\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n  \u003chead\u003e\n    \u003cmeta charset=\"utf-8\"\u003e\n    \u003ctitle\u003ePentesterLab \u0026raquo; Web for Pentester\u003c/title\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"\u003e\n    \u003cmeta name=\"description\" content=\"Web For Pentester\"\u003e\n    \u003cmeta name=\"author\" content=\"Louis Nyffenegger (louis@pentesterlab.com)\"\u003e\n\n    \u003c!&#45;&#45; Le styles &#45;&#45;\u003e\n    \u003clink href=\"/css/bootstrap.css\" rel=\"stylesheet\"\u003e\n\n    \u003cstyle type=\"text/css\"\u003e\n      body {\n        padding-top: 60px;\n        padding-bottom: 40px;\n      }\n    \u003c/style\u003e\n    \u003clink href=\"/css/bootstrap-responsive.css\" rel=\"stylesheet\"\u003e\n\n  \u003c/head\u003e\n\n  \u003cbody\u003e\n\n    \u003cdiv class=\"navbar navbar-inverse navbar-fixed-top\"\u003e\n      \u003cdiv class=\"navbar-inner\"\u003e\n        \u003cdiv class=\"container\"\u003e\n          \u003ca class=\"btn btn-navbar\" data-toggle=\"collapse\" data-target=\".nav-collapse\"\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n          \u003c/a\u003e\n          \u003ca class=\"brand\" href=\"#\"\u003exray Tester\u003c/a\u003e\n          \u003cdiv class=\"nav-collapse collapse\"\u003e\n            \u003cul class=\"nav\"\u003e\n              \u003cli class=\"active\"\u003e\u003ca href=\"/\"\u003eHome\u003c/a\u003e\u003c/li\u003e\n            \u003c/ul\u003e\n          \u003c/div\u003e\u003c!&#45;&#45;/.nav-collapse &#45;&#45;\u003e\n        \u003c/div\u003e\n      \u003c/div\u003e\n    \u003c/div\u003e\n\n    \u003cdiv class=\"container\"\u003e\n\n\n\n\t\t\u003ctable class='table table-striped'\u003e\n      \u003ctr\u003e\u003cth\u003eid\u003c/th\u003e\u003cth\u003ename\u003c/th\u003e\u003cth\u003eage\u003c/th\u003e\u003c/tr\u003e\n\t\t\u003ctr\u003e\u003ctd\u003e2\u003c/td\u003e\u003ctd\u003eroot\u003c/td\u003e\u003ctd\u003e30\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e      \u003cfooter\u003e\n        \u003cp\u003e\u0026copy; PentesterLab 2013\u003c/p\u003e\n      \u003c/footer\u003e\n\n    \u003c/div\u003e \u003c!&#45;&#45; /container &#45;&#45;\u003e\n\n\n  \u003c/body\u003e\n\u003c/html\u003e\n\n\n\n"],["GET /sqli/example1.php?name=root%27and%27b%27%3D%27z HTTP/1.1\r\nHost: pentester-web.vulnet:9000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0\r\nAccept: */*\r\nReferer: http://pentester-web.vulnet:9000/\r\nAccept-Encoding: gzip\r\n\r\n","HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Thu, 05 Nov 2020 19:48:35 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.6.39\r\nX-Xss-Protection: 0\r\n\r\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n  \u003chead\u003e\n    \u003cmeta charset=\"utf-8\"\u003e\n    \u003ctitle\u003ePentesterLab \u0026raquo; Web for Pentester\u003c/title\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"\u003e\n    \u003cmeta name=\"description\" content=\"Web For Pentester\"\u003e\n    \u003cmeta name=\"author\" content=\"Louis Nyffenegger (louis@pentesterlab.com)\"\u003e\n\n    \u003c!&#45;&#45; Le styles &#45;&#45;\u003e\n    \u003clink href=\"/css/bootstrap.css\" rel=\"stylesheet\"\u003e\n\n    \u003cstyle type=\"text/css\"\u003e\n      body {\n        padding-top: 60px;\n        padding-bottom: 40px;\n      }\n    \u003c/style\u003e\n    \u003clink href=\"/css/bootstrap-responsive.css\" rel=\"stylesheet\"\u003e\n\n  \u003c/head\u003e\n\n  \u003cbody\u003e\n\n    \u003cdiv class=\"navbar navbar-inverse navbar-fixed-top\"\u003e\n      \u003cdiv class=\"navbar-inner\"\u003e\n        \u003cdiv class=\"container\"\u003e\n          \u003ca class=\"btn btn-navbar\" data-toggle=\"collapse\" data-target=\".nav-collapse\"\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n            \u003cspan class=\"icon-bar\"\u003e\u003c/span\u003e\n          \u003c/a\u003e\n          \u003ca class=\"brand\" href=\"#\"\u003exray Tester\u003c/a\u003e\n          \u003cdiv class=\"nav-collapse collapse\"\u003e\n            \u003cul class=\"nav\"\u003e\n              \u003cli class=\"active\"\u003e\u003ca href=\"/\"\u003eHome\u003c/a\u003e\u003c/li\u003e\n            \u003c/ul\u003e\n          \u003c/div\u003e\u003c!&#45;&#45;/.nav-collapse &#45;&#45;\u003e\n        \u003c/div\u003e\n      \u003c/div\u003e\n    \u003c/div\u003e\n\n    \u003cdiv class=\"container\"\u003e\n\n\n\n\t\t\u003ctable class='table table-striped'\u003e\n      \u003ctr\u003e\u003cth\u003eid\u003c/th\u003e\u003cth\u003ename\u003c/th\u003e\u003cth\u003eage\u003c/th\u003e\u003c/tr\u003e\n\t\t\u003c/table\u003e      \u003cfooter\u003e\n        \u003cp\u003e\u0026copy; PentesterLab 2013\u003c/p\u003e\n      \u003c/footer\u003e\n\n    \u003c/div\u003e \u003c!&#45;&#45; /container &#45;&#45;\u003e\n\n\n  \u003c/body\u003e\n\u003c/html\u003e\n\n\n\n"]],"extra":{"confirm_retry":"4","confirm_retry_result":"3","param":{"key":"name","position":"query","value":"root'and'b'='z"},"pn_similarity":"86","pt_similarity":"100","title":"Generic Boolean based case ['string']","type":"boolean_based"}},"plugin":"sqldet/blind-based/default","target":{"url":"http://pentester-web.vulnet:9000/sqli/example1.php","params":[{"position":"query","path":["name"]}]}});</script>-->
<!--<script class='service-vulns'>serviceVulns.push({"create_time":1604578381249,"detail":{"addr":"tomcat-ajp.vulnet:8009","payload":"","snapshot":null,"extra":{"body":"\\x04\u003c\\x03\\x048\u003c!doctype html\u003e\u003chtml lang=\"en\"\u003e\u003chead\u003e\u003ctitle\u003eHTTP Status 404 – Not Found\u003c/title\u003e\u003cstyle type=\"text/css\"\u003eh1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}\u003c/style\u003e\u003c/head\u003e\u003cbody\u003e\u003ch1\u003eHTTP Status 404 – Not Found\u003c/h1\u003e\u003chr class=\"line\" /\u003e\u003cp\u003e\u003cb\u003eType\u003c/b\u003e Status Report\u003c/p\u003e\u003cp\u003e\u003cb\u003eMessage\u003c/b\u003e /ceclnz.jsp\u003c/p\u003e\u003cp\u003e\u003cb\u003eDescription\u003c/b\u003e The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.\u003c/p\u003e\u003chr class=\"line\" /\u003e\u003ch3\u003eApache Tomcat/8.5.19\u003c/h3\u003e\u003c/body\u003e\u003c/html\u003e\\x00AB","method":"version_match","read_file":"/ceclnz.jsp","status_code":"404"}},"plugin":"poc-go-tomcat-cve-2020-1938","target":{"host":"tomcat-ajp.vulnet","port":8009}});</script>-->
<!--<script class='subdomain'>subdomains.push({"verbose_name":"initial","parent":"example.com","domain":"example.com","cname":[],"ip":[{"ip":"93.184.216.34","asn":"EDGECAST (ASN15133)","country":"北美洲 美国"},{"ip":"2606:2800:220:1:248:1893:25c8:1946","asn":"EDGECAST (ASN15133)","country":"北美洲 美国"}],"web":[{"link":"http://example.com/","status":200,"title":"Example Domain","server":"ECS (dcb/7ECB)"},{"link":"https://example.com/","status":200,"title":"Example Domain","server":"ECS (dcb/7F3A)"}],"extra":""})</script>-->
